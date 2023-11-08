FSRA releases final IT Risk Management Guidance

TORONTO, Nov. 8, 2023 /CNW/ - The Financial Services Regulatory Authority of Ontario (FSRA) is taking active steps to further protect consumers and their data against harmful IT risks, like cyber threats.

Today we released our final Information Technology (IT) Risk Management Guidance following robust consultation.

The Guidance will help FSRA-regulated sectors and individuals effectively manage threats to their IT systems, infrastructure and data.

The Guidance includes:

Seven practices for effective IT risk management

A process to notify FSRA in the event of an IT risk incident

Sector-specific requirements for credit unions and caisses populaires, Ontario -incorporated insurance companies and reciprocals, and pension plan administrators

Regulated entities must still comply with existing requirements related to IT risk and the protection of personal information, including the requirements of the Personal Information Protection and Electronic Documents Act ("PIPEDA") .

In response to the feedback gathered from January 23 to March 31, 2023, FSRA amended the proposed guidance as identified in the consultation summary. Some changes include:

The effective date of the Guidance has been changed from June 2023 to April 1, 2024

to The IT incident reporting timeframe has been updated to "as soon as feasible, which would normally fall within the 48 to 72 hours range"

More flexibility to inform FSRA in the event of a material incident, including using a secure portal

FSRA thanks all stakeholders for their comments and feedback. The final Guidance and summary of feedback are now available on FSRA's website.

Learn More

FSRA continues to work on behalf of all stakeholders, including consumers, to ensure financial safety, fairness, and choice for everyone.

Learn more at www.fsrao.ca .

FOR MEDIA INQUIRIES:

Russ Courtney

Sr. Media Relations and Digital Officer

Financial Services Regulatory Authority

C: 437-225-8551

Email: [email protected]

SOURCE Financial Services Regulatory Authority of Ontario